<?php # Script 9.2 - delete_user.php
$page_title = '사용자 삭제';
include('includes/header.html');
?>
	<div id="wrap">
		<div class="navbar navbar-inverse">
			<div class="navbar-inner">
				<div class="container">
					<a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse">
						<span class="icon-bar"></span>
						<span class="icon-bar"></span>
						<span class="icon-bar"></span>
					</a>
					<a class="brand" href="index.php">User Manager</a>
					<div class="nav-collapse collapse">
						<ul class="nav">
							<li class=""><a href="index.php">홈</a></li>
							<li class="active"><a href="register.php">사용자 등록</a></li>
							<li class=""><a href="view_users.php">사용자 목록</a></li>
							<li class=""><a href="#">비밀번호 변경</a></li>
							<li class=""><a href="#">link five</a></li>
						</ul>
					</div>
				</div>
			</div>
		</div>
		<div class="container">
			<div class="page-header">
    	<!-- Start of the page-specific content. -->
<?php

echo '<h1>사용자 삭제</h1>';

// Check for a valid user ID, through GET or POST:
if ((isset($_GET['id'])) && (is_numeric($_GET['id'])) ) { // From view_users.php
	$id = $_GET['id'];
} elseif ((isset($_POST['id'])) && (is_numeric($_POST['id'])) ) { // Form submission.
	$id = $_POST['id'];
} else { // No valid ID, kill the script.
	echo '<p class="text-error">This page has been accessed in error.</p>';
	include('includes/footer.html');
	exit();
}

require_once('./mysqli_connect.php'); // Connect to the db.

// Check if the form has been submitted:
if (isset($_POST['submitted'])) {

	if ($_POST['sure'] == 'Yes') { // Delete the record.

		// Make the query.
		$q = "delete from users where user_id = $id limit 1";
		$r = @mysqli_query($dbc, $q);
		if (mysqli_affected_rows($dbc) == 1) { // If it ran OK.
			
			// Print a message:
			echo '<p>The user has been deleted.</p>';

		} else { // If the query did not run OK.
			echo '<p class="text-error">The user could not be deleted due to a system error.</p>'; // Public message.
			echo '<p>' . mysqli_error($dbc) . '<br/>Query: ' . $q . '</p>'; // Debugging message.
		}

	} else { // No confirmation of deletion.
		echo '<p>The user has NOT been deleted.</p>';
	}

} else { // Show the form.

	// Retrieve the user's information:
	$q = "select concat(last_name, ', ', first_name) from users where user_id = $id";
	$r = @mysqli_query($dbc, $q);

	if (mysqli_num_rows($r) == 1) { // Valid user ID, show the form.
		
		// Get the user's information:
		$row = mysqli_fetch_array($r, MYSQLI_NUM);

		// Create the form:
		echo '<h3>Name: '. $row[0].'</h3>
		<p>Are you sure you want to delete this user?<br/></p>
		<form action="delete_user.php" method="post" class="form-horizontal">
			<fieldset>
				<label class="radio inline">
		  			<input type="radio" name="sure" value="Yes" /> Yes
				</label>
				<label class="radio inline">
		  			<input type="radio" name="sure" value="No" checked="checked"> No
				</label>
				<div class="form-actions">
		            <button type="submit" class="btn btn-primary btn-large">Submit</button>
		            <input type="hidden" name="submitted" value="TRUE" />
		            <input type="hidden" name="id" value="'.$id.'" />
		        </div>
			</fieldset>
		</form>';
	} else { // Not a valid user ID.
		echo '<p class="text-error">This page has been accessed in error.</p>';
	}

} // End of the main submission conditional.

mysqli_close($dbc);

?>
<?php
include('includes/footer.html');
?>